Data breach at cryptocurrency exchange platform affects thousands of India-based users

During the last weeks the cybersecurity community has identified a new data breach outbreak related to the leaker known as ShinyHunters, who has been attacking multiple organizations worldwide. This time, the hacker assures to have leaked at least 6 GB of data belonging to the clients of Indian cryptocurrency exchange platform BuyUCoin. This platform supports over 50 cryptocurrencies, including Bitcoin and Ethereum.

The database is available for free in a well-known dark web forum. This dump contains up to 325,000 unique registers, which means almost every BuyUCoin user could have been affected by the breach.

The incident was first spotted by cybersecurity specialist Rajshekhar Rajaharia, who mentioned that the data was stored in a MongoDB implementation. Among the affected records he could find confidential data, including:

  • Users’ full names
  • Email addresses
  • Phone numbers
  • Bank account numbers
  • Bank account type

BuyUCoin stores its clients’ banking details so they can easily perform cryptocurrency transactions. Rajaharia mentioned that ShinyHunters shared some screenshots fo the leaked records, revealing that the database also contains users’ transactions records. The expert, who happens to also be a BuyUCoin client, says that the compromised database is storing data until September 2020, so the incident is affecting completely active details.

On the potential attack vector, the expert mentions that the leaking could be the consequence of a breach at BuyUCoin servers, since the data was leaked as a dump. In this regard, a company’s spokesperson mentioned that there was no data breach: In mid-2020, we conducted a routine testing during which we faced a low impact security incident that compromised around 200 registers of dummy data; not even a single customer was affected”.

Nonetheless, a recently published report by Inc42 contradicts the BuyUCoin statement as the demonstrated the security incident referred by the exchange platform actually exposed users’ data. Affected users and researchers are still waiting for a new BuyUCoin statement.

This is not the only recent security incident involving the leaking of thousands of personal records. A few weeks ago, the payment processing platform Juspay acknowledged that over 100 million users’ records were breached, in what has became the biggest data leaking incident ever registered in India. Juspay operates payments for platforms like Uber, Amazon and Ola, so the leaking could have been a serious drawback for the company’s finances.